Fundamentals of Risk Management
Download 3.45 Mb. Pdf ko'rish
|
Fundamentals of Risk Management
- Bu sahifa navigatsiya:
- Risk response LEARNINg OUTcOmEs FOR PART FOUR
|
Risk assessment
170 result in the risks increasing. Further aspects of risk appetite and personal perception of risk are discussed in Chapter 25. In terms of business decisions about operational risk, it is important that those risks are taken on an objective basis. Personal views and perceptions of risk can lead to incorrect business decisions. Ensuring the avail- ability of accurate risk information in order to make business decisions is one of the key responsibilities of the risk manager. Chapter 7 confirms that establishing the context is the first stage in the risk man- agement process. The riskiness index set out in Table 14.2 provides a useful structure for establishing both the external context and the internal context of the organiza- tion. When establishing the context, it is important to consider the upside of risk and how opportunities will emerge for the organization and how these opportunities can be exploited, in relation to strategy, tactics and operations. Finally, it is important to note that there is an upside that can be achieved in rela- tion to compliance risks. For some organizations, there will be a regulator that grants licences and, without a licence, the organization cannot operate. In these circum- stances, a good working relationship with the regulator can often provide an upside of risk. This will be especially true if the organization seeks to influence the regulator to require tighter control of regulated activities. In this way, the organization will set high standards that it is able to achieve, in the hope that competitors may suffer disadvantage, if they also have to achieve these high standards, but are not able to do so without additional expense. Part FOUr Risk response LEARNINg OUTcOmEs FOR PART FOUR ● ● describe the risk response options in terms of tolerate, treat, transfer and terminate (4Ts), and explain how these can be shown on a risk matrix; ● ● explain the benefits of using a risk matrix to illustrate inherent, current and target levels of risk and the effect of controls; ● ● describe the types of controls that are available, in terms of preventive, corrective, directive and detective (PCDD) controls; ● ● explain the use of a risk matrix to identify the main type of control for different types of hazard risk and the concept of ‘hazard risk zones’; ● ● describe the importance and structure of insurance and the circumstances in which insurance is purchased and the purpose of a captive insurance company; ● ● explain the importance to the insurance purchasing activity of cost, coverage, capacity, capabilities, claims and compliance (6Cs); ● ● summarize the importance of business continuity planning (BCP) and disaster recovery planning (DRP) and provide practical examples; ● ● describe the approach taken during a business impact analysis (BIA) and the importance of established business continuity standards, such as ISO 22301. Download 3.45 Mb. Do'stlaringiz bilan baham: 
|